From 7ebc1ab0d587ef2666b45a1999fbf4794ef3b1fb Mon Sep 17 00:00:00 2001
From: Wilson Sung <wilsonsung@google.com>
Date: Wed, 19 Apr 2023 12:41:05 +0800
Subject: [PATCH 1/2] Enforce installd

Fix: 260522202
Fix: 264490035
Test: Boot-to-home, no avc error
Change-Id: I2ec5a2771c53dcc520a2ea229f093d354b5c80fd
---
 tracking_denials/installd.te | 6 ------
 1 file changed, 6 deletions(-)
 delete mode 100644 tracking_denials/installd.te

diff --git a/tracking_denials/installd.te b/tracking_denials/installd.te
deleted file mode 100644
index 95b0a2fd..00000000
--- a/tracking_denials/installd.te
+++ /dev/null
@@ -1,6 +0,0 @@
-# b/260522202
-dontaudit installd modem_img_file:filesystem { quotaget };
-# b/264490035
-userdebug_or_eng(`
-  permissive installd;
-')
\ No newline at end of file

From 5394ad595ea1cc62a74eb04f499232d5f9555ec1 Mon Sep 17 00:00:00 2001
From: Wilson Sung <wilsonsung@google.com>
Date: Wed, 19 Apr 2023 23:51:41 +0800
Subject: [PATCH 2/2] Remove untraceable rules

avc: denied  { quotaget } for  comm="binder:1312_1" scontext=u:r:installd:s0 tcontext=u:object_r:modem_img_file:s0 tclass=filesystem permissive=0
Test: boot to home
Bug: 196916111
Bug: 264490035
Change-Id: Iec3dd7161bb788d81fe8034f3471ece0dfde7e0d
---
 vendor/installd.te | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 vendor/installd.te

diff --git a/vendor/installd.te b/vendor/installd.te
new file mode 100644
index 00000000..44e74c63
--- /dev/null
+++ b/vendor/installd.te
@@ -0,0 +1 @@
+dontaudit installd modem_img_file:filesystem quotaget;